package com.whyt.oauth.auth.conf;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.core.io.ClassPathResource;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
import org.springframework.security.oauth2.provider.token.store.KeyStoreKeyFactory;
import org.springframework.stereotype.Component;

/**
 * 授权服务器配置
 * @author ASUS
 */
@SuppressWarnings("all")
@Component
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter
{
    @Autowired
    private SecurityConfigProperties properties;

    @Autowired
    private AuthenticationManager authenticationManager;

    /**
     * 自定义
     *
     * @return
     */
    @Bean
    public TokenStore tokenStore()
    {
        return new JwtTokenStore(jwtTokenEnhancer());
    }

    @Bean
    protected JwtAccessTokenConverter jwtTokenEnhancer()
    {
        KeyStoreKeyFactory keyStoreKeyFactory = new KeyStoreKeyFactory(
                new ClassPathResource("jwt.jks"), "mySecretKey".toCharArray());
        JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
        converter.setKeyPair(keyStoreKeyFactory.getKeyPair("jwt"));
        return converter;
    }

    /**
     *
     *
     * @param clients
     * @throws Exception
     */
    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception
    {
        clients.inMemory()
            .withClient(properties.getClientId())
            // 测试是跳转到百度,\，不加这个你配置怎么也不给你跳转，可能是新版本的原因
            .redirectUris("http://www.baidu.com")
            .secret(properties.getClientSecret())
            .authorizedGrantTypes(
                    properties.getGrantTypePassword(),
                    properties.getAuthorizationCode(),
                    properties.getRefreshToken(),
                    properties.getImplicit())
            .scopes(properties.getScopeRead(), properties.getScopeWrite())
            .accessTokenValiditySeconds(properties.getAccessTokenValiditySeconds())
            .refreshTokenValiditySeconds(properties.getRefreshTokenValiditySeconds());
    }

    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints)
    {
        endpoints.tokenStore(tokenStore())
            .tokenEnhancer(jwtTokenEnhancer())
            .authenticationManager(authenticationManager);
    }
}
